Cloud toolkit

If you are interested in using cloud or hosted IT services (or are already using one of these services) it is important that you are clear of the implications with regard to data protection and information security.

This toolkit provides guidance to assist members of the University when assessing the suitability of the service for processing and storing data controlled by the University. The guidance is intended to be applicable to the University, its constituent units, and its members (whether staff or student).

The toolkit was developed by a working group convened by IT Services and including representation from Legal Services, Information Security, OUP and Purchasing.

 Guidance

These pages provide guidance on the selection and use of cloud computing services, including good practice and links to other policies and information.

 Data protection

Materials prepared by Legal Services covering data protection law with respect to cloud services providers, a data processing clause, and a handy flowchart.

 Information security

Guidance prepared by the Information Security team relating to cloud services. It includes an information security flowchart, a cloud security checklist and a third party security assessment template.

 

Written by IT Services. Latest revision 7 September 2017